Added audit logging for file put

dm3ch · dm3ch · commit 84e8f948b5d0 · 2019-11-18T00:53:19.000+03:00
diff --git a/bucketio.go b/bucketio.go
@@ -160,6 +160,7 @@ type S3PutObjectWriter struct {
 	ServerSideEncryption *ServerSideEncryptionConfig
 	Log                  interface {
 		DebugLogger
+		InfoLogger
 		ErrorLogger
 	}
 	MaxObjectSize    int64
@@ -437,7 +438,7 @@ type S3ObjectStat struct {
 }
 
 func (sos *S3ObjectStat) ListAt(result []os.FileInfo, o int64) (int, error) {
-	F(sos.Debug, "S3ObjectStat.ListAt: len(result)=%d offset=%d", len(result), o)
+	F(sos.Debug, "S3ObjectStat.: len(result)=%d offset=%d", len(result), o)
 	_o, err := castInt64ToInt(o)
 	if err != nil {
 		return 0, err
@@ -541,8 +542,10 @@ type S3BucketIO struct {
 	Now                      func() time.Time
 	Log                      interface {
 		ErrorLogger
+		InfoLogger
 		DebugLogger
 	}
+	UserInfo *UserInfo
 }
 
 func buildKey(s3b *S3Bucket, path string) Path {
@@ -617,6 +620,7 @@ func (s3io *S3BucketIO) Filewrite(req *sftp.Request) (io.WriterAt, error) {
 		Size:         0,
 		LastModified: s3io.Now(),
 	}
+	F(s3io.Log.Info, "Upload file %s by user %s", key, s3io.UserInfo.User)
 	F(s3io.Log.Debug, "S3PutObjectWriter.New(key=%s)", key)
 	oow := &S3PutObjectWriter{
 		Ctx:                  combineContext(s3io.Ctx, req.Context()),
diff --git a/server.go b/server.go
@@ -36,7 +36,7 @@ func asHandlers(handlers interface {
 	return sftp.Handlers{handlers, handlers, handlers, handlers}
 }
 
-func (s *Server) HandleChannel(ctx context.Context, bucket *S3Bucket, sshCh ssh.Channel, reqs <-chan *ssh.Request) {
+func (s *Server) HandleChannel(ctx context.Context, bucket *S3Bucket, sshCh ssh.Channel, reqs <-chan *ssh.Request, userInfo *UserInfo) {
 	defer s.Log.Debug("HandleChannel ended")
 	server := sftp.NewRequestServer(
 		sshCh,
@@ -52,6 +52,7 @@ func (s *Server) HandleChannel(ctx context.Context, bucket *S3Bucket, sshCh ssh.
 				Perms:                    bucket.Perms,
 				ServerSideEncryption:     &bucket.ServerSideEncryption,
 				Now:                      s.Now,
+				UserInfo:                 userInfo,
 			},
 		),
 	)
@@ -106,6 +107,10 @@ func (s *Server) HandleClient(ctx context.Context, conn *net.TCPConn) error {
 		F(s.Log.Info, "connection from client %s closed", conn.RemoteAddr().String())
 		conn.Close()
 	}()
+
+	var userInfo *UserInfo = new(UserInfo)
+	userInfo.Addr = conn.RemoteAddr()
+
 	F(s.Log.Info, "connected from client %s", conn.RemoteAddr().String())
 
 	innerCtx, cancel := context.WithCancel(ctx)
@@ -122,6 +127,7 @@ func (s *Server) HandleClient(ctx context.Context, conn *net.TCPConn) error {
 		return err
 	}
 
+	userInfo.User = sconn.User()
 	F(s.Log.Info, "user %s logged in", sconn.User())
 	bucket, ok := s.UserToBucketMap[sconn.User()]
 	if !ok {
@@ -160,7 +166,7 @@ func (s *Server) HandleClient(ctx context.Context, conn *net.TCPConn) error {
 			wg.Add(1)
 			go func() {
 				defer wg.Done()
-				s.HandleChannel(innerCtx, bucket, sshCh, reqs)
+				s.HandleChannel(innerCtx, bucket, sshCh, reqs, userInfo)
 			}()
 		}
 	}(chans)
diff --git a/user_info.go b/user_info.go
@@ -0,0 +1,8 @@
+package main
+
+import "net"
+
+type UserInfo struct {
+	Addr  net.Addr
+	User string
+}
